Vulnerability Details : CVE-2006-6745
Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.
Exploit prediction scoring system (EPSS) score for CVE-2006-6745
Probability of exploitation activity in the next 30 days: 2.15%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 %
CVSS scores for CVE-2006-6745
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST |
References for CVE-2006-6745
- http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html
- http://www.securityfocus.com/bid/21673
- http://www.vupen.com/english/advisories/2007/0936
- http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
- http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
- http://www.kb.cert.org/vuls/id/102289 (US Government Resource)
- http://www.us-cert.gov/cas/techalerts/TA07-022A.html (US Government Resource)
- http://www.vupen.com/english/advisories/2007/1814
- http://security.gentoo.org/glsa/glsa-200701-15.xml
- http://docs.info.apple.com/article.html?artnum=307177
- http://www.novell.com/linux/security/advisories/2007_45_java.html
- http://securitytracker.com/id?1017426 (Patch; Vendor Advisory)
- http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml
- http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579
- http://www.redhat.com/support/errata/RHSA-2007-0073.html
- http://www.vupen.com/english/advisories/2007/4224
- http://dev2dev.bea.com/pub/advisory/240
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 (Vendor Advisory)
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html
- http://www.vupen.com/english/advisories/2006/5074
- http://security.gentoo.org/glsa/glsa-200702-08.xml
- http://www.redhat.com/support/errata/RHSA-2007-0062.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9621
Products affected by CVE-2006-6745
- cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_07:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update5:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.1:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_08:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update2:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_11:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_12:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update7:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4:*:sdk:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_09:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:1.4.2_10:*:*:*:*:*:*:*
- cpe:2.3:a:sun:j2se:5.0_update4:*:*:*:*:*:*:*